Case Studies

More hours for fraudsters

by Mark Rowe

Hyper-connectivity is extending fraudsters’ ‘business hours’, according to a company that offers automated identity verification.

In 2022, fraud levels were consistent across 24 hours, seven days a week. With technology, fraudsters are more connected and able to traverse regions and time zones, and can take advantage of businesses’ closed hours when staff are likely offline. This hyper-connectivity means there are no more ‘business hours’ for fraudsters and sophisticated fraud rings — they will scam and defraud 24/7, says Onfido.

The fourth edition of the company’s annual Identity Fraud Report included:

– fraud rings are making thousands of variations of the same document by tweaking minor details each time in an attempt to create thousands of fake accounts. Using Onfido’s Repeat Attempts product, one company identified 300 documents submitted with the same document number combined with slightly different attributes over a three month period.

– fraudsters are deterred by biometric verification, it’s suggested: and fraudsters focus their attacks on documents when attempting to bypass onboarding defences, and abandon attempts when confronted by biometric verification.

– fraud against gaming companies increased fourfold over the past 12 months, making it one of the most attacked industries ahead of healthcare, finance and professional services.

– most fraud is estimated to be linked to synthetic identity fraud – where a fake ID is created by combining real personal information bought from the Dark Web with fabricated personal information. Onfido’s Identity Fraud Report reveals that synthetic IDs are more likely to be of men than women, and fraudsters are opting to use fictional names. For example, one of the names frequently used for fraud was Edward Cullen, the lead character from the series, Twilight.

– the most commonly used phones fraudsters use come from lower cost brands like Symphony (Indian), Gionne (Chinese) and lava (Indian), presumably to use as burner phones, specifically for doing fraud.

Over the last four years, fraudsters’ working patterns have dramatically changed. In 2019, attacks mirrored a typical working week, peaking Monday to Friday and dropping off during the weekends. Yet over the last three years, fraudulent activity started to shift so that levels of fraud span every day of the week, the report said.

Simon Horswell, Fraud Specialist at Onfido said: “Less sophisticated fraud jumped 23pc this year to 72.9 per cent, pointing to fraud becoming a matter of quantity over quality as fraudsters are opting to attack systems en masse. Fraudsters can produce low-quality fake documents in the thousands, launch an attack, and hope one slips through a business’s defences. The flood of attacks can distract businesses from the rarer, but more sophisticated fraud. This is why automating fraud detection to prevent ‘less sophisticated’ fraud from slipping through is key, so businesses can protect themselves at scale while focusing key resources on more advanced attacks.”

And Malik Alibegovic, Forensic Analyst at Interpol, in a foreword to the report said: “As criminals look to take advantage of digitisation processes, they’re able to commit financial crimes with increasing efficiency and sophistication, to the extent that financial crime and cybercrime are now invariably linked. A significant amount of financial fraud takes place through digital technologies, and the pandemic has only hastened the emergence of digital money laundering tools and other cyber-enabled financial crimes.”

Related News

  • Case Studies

    FraudNet report

    by Mark Rowe

    An inaugural FraudNet Global Report 2021 draws upon the collective knowledge of members and strategic partners – covering high-profile, legally impactful and…

  • Case Studies

    Business award winner

    by Mark Rowe

    Bradbury CEO Jim Connell paid tribute to the contribution of all 179 Bradbury employees at the North Lincolnshire and Humberside Business Awards.…

  • Case Studies

    SOCA offline

    by msecadm4921

    The UK’s Serious Organised Crime Agency (SOCA) has confirmed that its website has suffered a distributed denial-of-service (DDoS) attack, effectively preventing internet…


Subscribe to our weekly newsletter to stay on top of security news and events.

© 2023 Professional Security Magazine. All rights reserved.